Security Violations 1

John

I know if you are using r9 there is a way to have your switch call an extension when a security violation occures however I dont know of any other reports

hope this helps.

José

Please let me know if this was helpful

Thanks Jose,

We already have that set up to call my mobile but other than printing off the detail report every day and comparing the failed login attempts for each available login, I cant see how to monitor where the problem lies?

Thanks for helping out.

John

ScottyJohn,
In order to route the call to a mobile, you must first route the call to a VDN with a vector attached containing the Mobile Number - Right ?

If this is the case you could set the VDN to measured and although you won't see which LogonID generated the violation you will be able to report on which intervals the violations occured in.

Hope this helps....

Paul

You are geting them reguraly?

I have found cdr to be helpful in tracking down the problem.

Jose José

Please let me know if this was helpful

Thank you guys for your suggestions. What we have done is to remove all of the dead logins from the switch and cleared the security violations measurement to zero. This means that we will check this with our alarms check every morning and this will let us know immediately which login was trying to be used.

Jose, how would you go about using the CDR data to track this?

Many thanks again.

John

Scottyjohn,

You maybe able to get more details by having a look at how they're attempting to login - I presume you guys are using data modules or IP depending on the version. I presume they're login on via the tracker or inads port - if your site has the inads port on a seperate line it's not to easy to track but if the tracker is through the switch then you can allways add an analogue bridge to your station to get a visible indication of when anyone tries to access the tracker and use cdr to try and capture any ani (however i doubt there will be any).

Hope this helps,

Chris

scottyjohn,
You definetely have an option available in Definity to trace out the reports, What you can do is First administer the extensions in "ch sys secu" once done you'll get the notification on some phone whenever the voilation occurs aprt from this to take out a detailed list of all the voilations you can issue " monitor security login/auth/remo" to see each & every possible detail on it...
I am using this feature with my switch & this works perfect.

Hope this help, let me know...

Thanks Definity and all,
The monitor feature gives me all the detail I was looking for!

Cheers

John

LOL

I am Glad I could help you with it..
Regards,